1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2024:2821-1

[SUSE-SU-2024:2821-1] Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

Severity Important
CVEs 12
Info References Vulnerabilities

Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122_201 fixes several issues.

The following security issues were fixed:

  • CVE-2024-27398: Fixed use-after-free bug caused by sco_sock_timeout() (bsc#1225013).
  • CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
  • CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
  • CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
  • CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
  • CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
  • CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
  • CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
  • CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
  • CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
  • CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).
ID
SUSE-SU-2024:2821-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2024/suse-su-20242821-1/
Published
2024-08-08T11:33:55
(5 weeks ago)
Modified
2024-08-08T11:33:55
(5 weeks ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2821-1.json
Suse URL for SUSE-SU-2024:2821-1 https://www.suse.com/support/update/announcement/2024/suse-su-20242821-1/
Suse E-Mail link for SUSE-SU-2024:2821-1 https://lists.suse.com/pipermail/sle-updates/2024-August/036385.html
Bugzilla SUSE Bug 1210619 https://bugzilla.suse.com/1210619
Bugzilla SUSE Bug 1220145 https://bugzilla.suse.com/1220145
Bugzilla SUSE Bug 1220537 https://bugzilla.suse.com/1220537
Bugzilla SUSE Bug 1222685 https://bugzilla.suse.com/1222685
Bugzilla SUSE Bug 1223059 https://bugzilla.suse.com/1223059
Bugzilla SUSE Bug 1223363 https://bugzilla.suse.com/1223363
Bugzilla SUSE Bug 1223514 https://bugzilla.suse.com/1223514
Bugzilla SUSE Bug 1223681 https://bugzilla.suse.com/1223681
Bugzilla SUSE Bug 1223683 https://bugzilla.suse.com/1223683
Bugzilla SUSE Bug 1225013 https://bugzilla.suse.com/1225013
Bugzilla SUSE Bug 1225211 https://bugzilla.suse.com/1225211
Bugzilla SUSE Bug 1225310 https://bugzilla.suse.com/1225310
CVE SUSE CVE CVE-2021-46955 page https://www.suse.com/security/cve/CVE-2021-46955/
CVE SUSE CVE CVE-2021-47383 page https://www.suse.com/security/cve/CVE-2021-47383/
CVE SUSE CVE CVE-2022-48651 page https://www.suse.com/security/cve/CVE-2022-48651/
CVE SUSE CVE CVE-2023-1829 page https://www.suse.com/security/cve/CVE-2023-1829/
CVE SUSE CVE CVE-2023-6546 page https://www.suse.com/security/cve/CVE-2023-6546/
CVE SUSE CVE CVE-2024-23307 page https://www.suse.com/security/cve/CVE-2024-23307/
CVE SUSE CVE CVE-2024-26828 page https://www.suse.com/security/cve/CVE-2024-26828/
CVE SUSE CVE CVE-2024-26852 page https://www.suse.com/security/cve/CVE-2024-26852/
CVE SUSE CVE CVE-2024-26923 page https://www.suse.com/security/cve/CVE-2024-26923/
CVE SUSE CVE CVE-2024-26930 page https://www.suse.com/security/cve/CVE-2024-26930/
CVE SUSE CVE CVE-2024-27398 page https://www.suse.com/security/cve/CVE-2024-27398/
CVE SUSE CVE CVE-2024-35950 page https://www.suse.com/security/cve/CVE-2024-35950/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date